?
Solved

Sonicwall UDP port forward

Posted on 2010-08-20
11
Medium Priority
?
1,697 Views
Last Modified: 2012-05-10
Greeting,

I have a Sonicwall NSA240 in my network.

I need to open UDP port 21068 and to nat it to this IP address : 172.16.117.5.

I have successfully created my firewall/nat rules with the built-in firewall wizard. (Which I already used to create other firewall / nat rules that currently works.)

The packets doesn't pass my firewall ..

I installed nmap to see if the UDP port are opened on my server and my firewall.

This is my command : nmap -p 21068 -sU -P0 SERVER

I try this command from my local network and this is what I've got

nmap -p 21068 -sU -P0 172.16.117.5

Nmap scan report for 172.16.117.5
Host is up (0.00s latency).
PORT      STATE         SERVICE
21068/udp open|filtered unknown
MAC Address: 00:02:D9:09:01:94 (Reliable Controls)
Nmap done: 1 IP address (1 host up) scanned in 0.59 seconds

I know that this port is open on the server.

I try the same command on my sonicwall

nmap -p 21068 -sU -P0 172.16.117.2

Nmap scan report for 172.16.117.2
Host is up (0.00s latency).
PORT      STATE         SERVICE
21068/udp open|filtered unknown
MAC Address: 00:17:C5:2C:5F:01 (SonicWALL)
Nmap done: 1 IP address (1 host up) scanned in 0.61 seconds

It's supposed to be opened on my sonicwall as well...

I decided to try any other UDP scan port on the server to see if the nmap output was right. When the port isn't open it give me something like this :

PORT STATE SERVICE
34        Closed  unknown

I try the same thing on my Sonicwall but it always told me that the requested UDP port is open ?

I also try the nmap scan from the outside of my network.. it gives me the same output (all udp port seems to be open)

Does all my UDP ports are open in my sonicwall ?

Also, do you have any idea why I can't access my server on the port I opened ?
0
Comment
Question by:tblinc
  • 6
  • 5
11 Comments
 
LVL 33

Expert Comment

by:digitap
ID: 33489069
I'd check the log with a connection attempt going to see what it hits.  On the NSA 240, you can setup a packet capture to see if it's getting through.  You might also consider disabling any of the security services for a testing period.  Additionally, check the LAN > WAN and WAN > LAN rules to confirm they're accurate.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33489074
also, please post the logs back here so we can have a look at them.
0
 

Author Comment

by:tblinc
ID: 33503957
I set up a VPN connexion instead. My VPN connection is able to built successfully but I can only ping my dns server and my sonicwall.

I can't ping anything else on my network.

I try to add a firewall rule

VPN -> LAN allow any  but it doesn't work
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 33

Expert Comment

by:digitap
ID: 33504258
what does the lan to vpn rule look like?
0
 

Author Comment

by:tblinc
ID: 33504388
Priority      Source                                           Destination                   Service  Action       Users  
1              WAN RemoteAccess Networks  Vpn DHCP Clients   Any          Allow       All                           
0
 

Author Comment

by:tblinc
ID: 33504452
I saw this when I try to ping something in my network


log.jpg
0
 
LVL 33

Expert Comment

by:digitap
ID: 33504630
Thanks for your patience.

You need to look at the LAN > VPN and VPN > LAN settings.  I don't get the feeling that we're getting there yet.  The best way is to go to Firewall > Access Rules.  Click the radio button called "Drop-down Boxes" and select the From Zone and To Zone.

Regarding the screen shot, IPS is only alerting of the ping.  Since you are not blocking Low alerts, it's only notifying not dropping.
0
 

Accepted Solution

by:
tblinc earned 0 total points
ID: 33626734
I finally find what was my error.

I have a Client and server Antivirus software provided by my sonicwall. The computer in question doesn't have the antivirus installed. So all the traffic was reaching this computer but the computer itselft cannot send anything on the network.

I removed it from the scope and it finally works successfully.

Thank you for your help.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33626778
So, the sonicwall was blocking it because it didn't have the AV client installed, right?
0
 

Author Comment

by:tblinc
ID: 33626948
right
0
 
LVL 33

Expert Comment

by:digitap
ID: 33627043
didn't think of that.  guess i didn't realize you were using the client AV as well as the gateway AV on the sonicwall.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question